FTC Wants Do-Not-Track Browser System... But Does The Government Need To Be Involved?

from the it's-called-no-script dept

So a lot of folks are talking about the FTC's new plan for a "Do Not Track" system, which would be a browser-based tool that would let people indicate that they do not want various marketing/advertising/tracking tools to track their internet surfing. While I appreciate the FTC's general concern about privacy, I'm sort of wondering why it needs to be involved at all, if the idea is to create a browser-based system for this. There are already technological tools out there to do much of what the FTC appears to want. You can disable cookies or use tools like No Script to block most tracking efforts already. So what does the FTC's push do that isn't already being done by the market?

Re: derp

Even with noscript+adblock you can still be reasonably tracked. The techniques used to do so are not generally in use as there is not a large enough percentage of the population using noscript+adblock.

Re: Re: derp

I set up a virtual machine with a fresh install of Firefox (with NS and Adblock) originally it was intended as a testlab for code, now i do browsing in it aswell, and the whole .vm file gets deleted every few days and replaced with a copy of a clean one.
Roundabout way to do it (and one might argue slightly paranoid), but it works.

Disabling cookies gets you nowhere. There are many other systems you'd have to disable -- including a variation on the css history hack you referenced earlier that can actually persist arbitrary data) you'd have to disable. And that leak has only been plugged in FF4 -- every other browser is susceptible. But that's just scratching the surface...

There are some interesting possible technical solutions to these problems -- but a policy solution is just absolutely impossible. The browser is just too insecure -- we can't reasonably expect every company to vet every bit of ad code that goes on their servers. Censorship through third party liability indeed.

Re:

Internet Explorer

I'll play Devil's Advocate here.

If it's not built into Internet Explorer, it doesn't exist. Since most users use IE anyway, and have no idea to install Firefox, let alone Addons, they don't care that NoScript and ABP exist. It's not serving the "majority" of the population.

Re: Internet Explorer

You're mostly correct, although I think Firefox has outrun EI.

However this does not make it the purview of the government to jump in with a 'solution'. As much as I appreciate the Do Not Call list I still think it was at best a questionable stretch of government power.

Re: Internet Explorer

Nobody should use IE -- ever. It cannot be secured, period.

This is not to say that other browsers are secure, in the sense of "completely secure". Of course they're not. They do, however, give the user a fighting chance thanks to a combination of vastly superior design, development, testing, and deployment practices.

Anyone running IE might as well just hand over their system to the botnet operators; the latter will own it shortly anyway.

"There are already technological tools out there to do much of what the FTC appears to want."
I disagree. A browser + add-ons actually make for a distinct tracking mechanism within itself:https://panopticlick.eff.org/index.php

There are other issues which can't be blocked. In fact, Techdirt just wrote about one just recently.

Despite this, I agree the FTC need not be involved unless browser developers are intentionally making tracking a feature, not a bug.qw

Re:

They are, find and read MS's decisions on security in IE8, they were actually pulled back after marketing argued of possible lost revenue..(i.e. security was going to be to strong so little if any popus or other adds would have gotten through)
So maybe the FTC does need to get involved

You can disable cookies or use tools like No Script to block most tracking efforts already.

Well, yes, I can. But I'm the type of person who reads Techdirt.

Adblock and especially NoScript are actually very user-unfriendly; people who use them already may not realize this because they're geeks. The average person would not be able to figure out how to properly protect themselves from being tracked.

If the FTC can offer an idiot-proof anti-tracking system (which is unlikely, but stranger things have happened), then by all means, let 'em go for it. The free market's open to all players, including the government.

usefulness

The problem I have with the automatic calls for proxies and adblock / js blocking is that many of the same technologies can and often are very useful.
I design interfaces for a living and my emphasis is on making the experience better. A lot of the time this is made easier if we make a website that has some understanding of what the customer is doing. Amazon is the quick and easy example, with their recommendations and pages that collect what you have viewed and use it to suggest more stuff you might like.
While I don't imagine the FTC would end up doing much of a job with any rules to ban anything, the very idea of having some central body pouring scorn on the marketers who abuse these technologies seems like a good thing.

But...

MOST people who use the internet would have no idea how to turn off cookies or install ad blockers, especially since they use Internet Explorer... I work in tech support for the largest provider in the US, and 90% of the people I talk to would not have a clue what this article is even talking about. They need a clearly marked button to push.